Hacktivists stealing more data than cyberthieves

Emma Woollacott, 22nd March 2012

Hacktivists such as Anonymous will be pleased to hear that they're the biggest security threat to govermnents and companies, accounting for well over half the 174 million user records stolen last year.

"Mainline cybercriminals continued to automate and streamline their method du jour of high-volume, low-risk attacks against weaker targets. Much less frequent, but arguably more damaging, were continued attacks targeting trade secrets, classified information, and other intellectual property."

In terms of the number of breaches, hacktivists were responsible for about 22 percent of those experienced by large organizations. Scammers, says Verizon, tend to go for the easier targets represented by small companies.

The authors of the report examined 855 data breaches in 36 countries, helped out by data from American, Dutch, Australian, Irish and British authorities.

And, they say, most attacks weren't actually terribly sophisticated.

"Most victims fell prey because they were found to possess an
(often easily) exploitable weakness rather than because they
were pre-identified for attack," they say.

"Given this, it’s not surprising that most breaches were avoidable (at least in hindsight) without difficult or expensive countermeasures."

Smaller companies, says Verizon, should be most on the lookout for vulnerabilities in websites that leave them open to a hack. Larger ones, though, are tending to be hit through social engineering and phishing attacks - presumably because they're a bit more careful about the technical side of things.